none
Limiting the size of custom log files RRS feed

  • Question

  • Hello,

    In my company, when a user logs on or off, the LOGON and LOGOFF scripts write the action to a log file for that specific user.  It is a simple batch file that performs this and below is the code in the LOGON Script that runs:

    echo Logon - %computername% - %username% - %date% %time% >>  \\XXXXXXX\UserShares\Scripts\%username%.log

    Note:  in the folder path, I replaced my server name with 'XXXXXX'.

    My question is how to manage the size of these log files automatically...I'm in Orlando, so the mouse likes us saying "automagically".  Anyways, all I wish to do is avoid having to manually open each log file and remove entries, 6 months at a time or so, to keep the sizes at a minimal?  It could be based on the size of the file, or the oldest entry (keep only 6 months of entries), or by the number of lines in the log file, etc.  I'm not picky on what method to use, just wish to not have to do this manually.

    Cheers!


    John Fester


    • Edited by omega4alpha Friday, January 17, 2014 1:39 PM
    Friday, January 17, 2014 1:39 PM

Answers

  • Hi John,

    there are many ways you could script something like that, but I don't think there's a need to reinvent the wheel here. There's a great tool that will allow you to handle logs automatically, and it is called ...

    Logrotate

    I can only recommend using it, it's made my workload a lot lighter already :)

    Cheers,
    Fred


    There's no place like 127.0.0.1

    • Marked as answer by omega4alpha Friday, January 17, 2014 1:50 PM
    Friday, January 17, 2014 1:44 PM
  • Hi John,

    I use a similar startup script to track reboots. The script checks the status file and will delete it once it reaches 100 lines. You can adjust this to meet your needs as well.

    @ECHO OFF
    
    PING 127.0.0.1 -n 61 >NUL
    
    IF NOT EXIST C:\Temp (mkdir C:\Temp)
    ECHO PC was rebooted on %date% at %time% >> C:\Temp\SystemReboot.txt
    
    COPY /Y C:\Temp\SystemReboot.txt C:\Temp\%computername%.txt
    MOVE /Y C:\Temp\%computername%.txt \\FILESHARE\RSL
    
    SET lineLimit=100
    FOR /F "tokens=4 delims=: " %%G IN ('find /c /i "PC" C:\Temp\SystemReboot.txt') DO SET found=%%G
    IF %found% GEQ %lineLimit% (del /q C:\Temp\SystemReboot.txt)

    EDIT: Looks like I waited too long to press Submit. =] Fred's suggestion is definitely a good one.


    Don't retire TechNet! - (Don't give up yet - 12,575+ strong and growing)


    • Edited by Mike Laughlin Friday, January 17, 2014 1:58 PM
    • Marked as answer by omega4alpha Friday, January 17, 2014 2:37 PM
    Friday, January 17, 2014 1:55 PM

All replies

  • Hi John,

    there are many ways you could script something like that, but I don't think there's a need to reinvent the wheel here. There's a great tool that will allow you to handle logs automatically, and it is called ...

    Logrotate

    I can only recommend using it, it's made my workload a lot lighter already :)

    Cheers,
    Fred


    There's no place like 127.0.0.1

    • Marked as answer by omega4alpha Friday, January 17, 2014 1:50 PM
    Friday, January 17, 2014 1:44 PM
  • Hi Fred,

    Much appreciated your quick response!  If I may ask you, since you seem to be using the tool some already.  Is there anything I should be cautious about with this utility?  It would be placed on the DC which is SBS '11 currently (don't judge me!).  I tend to not use applications for things like this, mainly to avoid the concern of what all might be done with some applications.  Normally I would try to write something myself so that I know precisely everything that it is doing and know there is nothing beyond that.

    Looking at their page, seems legit though.  Just asking you opinion on using that. 

    Thank you again Fred!  PS:  love your signature lol!  There's no place like 127.0.0.1


    John Fester

    Friday, January 17, 2014 1:49 PM
  • Hi John,

    I use a similar startup script to track reboots. The script checks the status file and will delete it once it reaches 100 lines. You can adjust this to meet your needs as well.

    @ECHO OFF
    
    PING 127.0.0.1 -n 61 >NUL
    
    IF NOT EXIST C:\Temp (mkdir C:\Temp)
    ECHO PC was rebooted on %date% at %time% >> C:\Temp\SystemReboot.txt
    
    COPY /Y C:\Temp\SystemReboot.txt C:\Temp\%computername%.txt
    MOVE /Y C:\Temp\%computername%.txt \\FILESHARE\RSL
    
    SET lineLimit=100
    FOR /F "tokens=4 delims=: " %%G IN ('find /c /i "PC" C:\Temp\SystemReboot.txt') DO SET found=%%G
    IF %found% GEQ %lineLimit% (del /q C:\Temp\SystemReboot.txt)

    EDIT: Looks like I waited too long to press Submit. =] Fred's suggestion is definitely a good one.


    Don't retire TechNet! - (Don't give up yet - 12,575+ strong and growing)


    • Edited by Mike Laughlin Friday, January 17, 2014 1:58 PM
    • Marked as answer by omega4alpha Friday, January 17, 2014 2:37 PM
    Friday, January 17, 2014 1:55 PM
  • Hi John,

    the wiki really tells you all you need to know. I just add a daily task for the application to run.

    There's just a slight security warning: You need to run it elevated (I monitored it for some time and it just did what it told it did), which means you need to set up the scheduled task as running with maximum privileges. This is not a problem in itself, but it is reading what it is doing from a simple logrotate script-file (you can see the examples on their wiki, they are trivial). You need to make sure this script cannot be accessed by unauthorized users, as it is possible to tell it to run cmd commands (which it will do elevated).

    If you handle that however, it runs very reliably.

    Cheers,
    Fred


    There's no place like 127.0.0.1

    Friday, January 17, 2014 2:02 PM
  • Fred, 

    Thank you again for the information and your knowledge with that utility.  I might try using it on a different server/workstation and saving the logs there rather than the DC for security purposes and avoiding some concerns with running it in elevated prompt.

    I marked your response as an answer as it seems like that would be a solution indeed!

    Thank you again.


    John Fester

    Friday, January 17, 2014 2:43 PM
  • Hi Mike,

    Thank you for that code!  I was looking for something just like this to use with my scripts.  I write directly to the log files rather than to a tmp file then moving the file to the folder.  It seems like the lineLimit will work in my method as well though and I appreciate you providing this!

    Many thanks!


    John Fester

    Friday, January 17, 2014 2:45 PM